We want to automate the creation of policies in Red Hat Advanced Cluster Security for Kubernetes.
There's an API endpoint for the task so it can be automated with Ansible.
Create your Ansible Vault with the following variables:
vaulted_acs_host: <your-acs-host>
vaulted_acs_token: <your-acs-API-token>
The ACS API token can either have the Admin role or, if you prefer, a custom role with read/write permission to the /policies API endpoint. More info can be found here.
Run your playbook and pass the CVE reference:
ansible-playbook --ask-vault-pass playbook.yml -e cve=CVE-2021-44228
Rationale, remediation, etc. can also be defined.
This playbook can also be used with Ansible Automation Platform and take advantage of surveys.
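A minimal playbook matching the steps above, as an added example rather than the original playbook.yml. It assumes the vault file is named vault.yml, that vaulted_acs_host is a bare hostname, and that the policy body fields shown are accepted by POST /v1/policies on your ACS version (check the API reference of your installation). The policy_rationale and policy_remediation variable names are hypothetical.

```yaml
---
# Added example, not the original playbook.
# Assumption: the vaulted variables live in vault.yml next to this file.
- name: Create an ACS policy for a given CVE
  hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    - vault.yml
  tasks:
    - name: Reject anything that is not a CVE identifier
      ansible.builtin.assert:
        that:
          - cve is defined
          - "cve is match('^CVE-[0-9]{4}-[0-9]{4,}$')"
        fail_msg: "Pass the reference as -e cve=CVE-YYYY-NNNN"

    - name: Create the policy through the ACS API
      ansible.builtin.uri:
        url: "https://{{ vaulted_acs_host }}/v1/policies"
        method: POST
        headers:
          Authorization: "Bearer {{ vaulted_acs_token }}"
        body_format: json
        body:  # Assumed policy shape; adjust to your ACS version
          name: "Detect {{ cve }}"
          description: "Alert on images affected by {{ cve }}"
          rationale: "{{ policy_rationale | default('') }}"      # hypothetical variable
          remediation: "{{ policy_remediation | default('') }}"  # hypothetical variable
          categories: ["Vulnerability Management"]
          lifecycleStages: ["BUILD", "DEPLOY"]
          severity: "HIGH_SEVERITY"
          policyVersion: "1.1"
          policySections:
            - policyGroups:
                - fieldName: "CVE"
                  values:
                    - value: "{{ cve }}"
        validate_certs: true  # keep TLS verification on; trust your CA instead
        status_code: 200
      no_log: true  # keeps the bearer token out of task output and logs
      register: acs_policy

    - name: Show the ID of the created policy
      ansible.builtin.debug:
        msg: "Created policy {{ acs_policy.json.id }}"
```

Because no_log hides the failure details of the API task as well, temporarily remove it only when debugging against a non-production token.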